<?php
    include '../classes/fileupload.class.php';
    include '../classes/image.class.php';
    include 'header.php';
    include '../function.inc.php';

    if(isset($_POST['submit'])){

        // 文件上传
        $pic = upload("pic");
        if(!$pic) {
            echo "文件上传错误！";
        }
        // 创建变量
        $bookname=$_POST['bookname'];
        $publisher=$_POST['publisher'];
        $author=$_POST['author'];
        $price=$_POST['price'];
        // $pic=$_POST['pic'];
        $detail=$_POST['detail'];
        $ptime=time();

        if(!$bookname || !$publisher || !$author || !$price) {
            echo "您未填写内容，请返回重试";
            exit;
        }
        if(!get_magic_quotes_gpc()) {
            $bookname=addslashes($bookname);
            $publisher=addslashes($publisher);
            $author=addslashes($author);
            $price=doubleval($price);
            $detail=addslashes($detail);
        }


        $query="insert into books (bookname, publisher, author, price, ptime, pic, detail) values ('".$bookname."','".$publisher."','".$author."','".$price."','".$ptime."','".$pic."','".$detail."')";
        $result=$db->query($query);
        if($result){
            echo $db->affected_rows."book inserted into database";
        } else {
            echo "an error has occurred.the item was not added";
        }

    }
 ?>
<h3>添加图书</h3>
<form action="" method="post" enctype="multipart/form-data">
    <p>图书名称：<input type="text" name="bookname" value="" ></p>
    <p>出版社： <input type="text" name="publisher" value="" ></p>
    <p>作者：<input type="text" name="author" value="" ></p>
    <p>价格：<input type="text" name="price" value="" ></p>
    <p>详细描述：<textarea cols="40" rows="5" name="detail"></textarea>  </p>
    <p>图片：<input type="file" name="pic" value=""  ></p>
    <input type="submit" name="submit" value="提交"></p>
</form>
<?php
    include 'footer.php';
 ?>
